"CISA Releases New Resource to Help Small and Medium-Sized Businesses Develop Supply Chain Resilience Plans"

The US Cybersecurity and Infrastructure Security Agency (CISA) has released a new resource guide titled "Empowering Small and Medium-Sized Businesses (SMB): A Resource Guide for Developing a Resilient Supply Chain Risk Management Plan." It aims to help Information and Communications Technology (ICT) SMBs develop and tailor a Supply Chain Risk Management (SCRM) plan that meets their business needs. In regard to the costs and complexity of SCRM, SMBs oftentimes lack the dedicated risk management and SCRM knowledge necessary to mitigate the risk of supply chain disruption.

Submitted by grigby1 CPVI on

"The SEC's Cybersecurity Rules"

The US Securities and Exchange Commission (SEC) has recently adopted rules requiring public companies to disclose cybersecurity incidents within four business days. After determining that an incident is material, the company has four business days to disclose it using the new Form 8-K Item 1.05. According to an SEC press release, the company must describe the material parts of the nature, timing, and scope of the incident, as well as its effects. The impact of the rules on companies, their management, boards of directors, and cybersecurity is the subject of much discussion.

Submitted by grigby1 CPVI on

"Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar"

Quasar RAT, also known as CinaRAT or Yggdrasil, is an open-source Remote Access Trojan (RAT) that has been using DLL side-loading to avoid detection and stealthily steal data from compromised Windows hosts. According to researchers at Uptycs, this technique exploits the inherent trust that these files command within the Windows environment. They detailed the malware's reliance on ctfmon.exe and calc.exe in the attack chain. Quasar RAT is a C#-based remote administration tool.

Submitted by grigby1 CPVI on

"US Energy Firm Shares How Akira Ransomware Hacked Its Systems"

The US energy services company BHI Energy has detailed how the Akira ransomware operation breached its network and stole data. BHI Energy is an engineering services and staffing solutions provider that supports private and government-operated oil and gas, nuclear, wind, solar, and fossil power generation units, as well as electricity transmission and distribution facilities. In a data breach notification sent to affected people by BHI Energy, the company describes in detail how the Akira ransomware group breached its network on May 30, 2023.

Submitted by grigby1 CPVI on

"FBI: Thousands of Remote IT Workers Sent Wages to North Korea to Help Fund Weapons Program"

The FBI and Department of Justice (DoJ) have recently announced that thousands of information technology workers contracting with U.S. companies have for years secretly sent millions of dollars of their wages to North Korea for use in its ballistic missile program. The DoJ noted that IT workers dispatched and contracted by North Korea to work remotely with companies in St. Louis and elsewhere in the U.S. have been using false identities to get the jobs. The money they earned was funneled to the North Korean weapons program.

Submitted by Adam Ekwall on

"Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeover"

Eight recently discovered vulnerabilities in the SolarWinds Access Rights Manager Tool (ARM), including three of critical severity, could allow attackers to gain access to unpatched systems with the highest levels of privilege. SolarWinds occupies a sensitive position in corporate networks as a comprehensive Information Technology (IT) management platform. Administrators use the ARM tool to provision, manage, and audit user access rights to data, files, and systems. This tool exemplifies the platform's ability to oversee and impact critical corporate network components.

Submitted by grigby1 CPVI on

"'Disappearing' Implants, Followed by First Fixes for Exploited Cisco IOS XE Zero-Day"

Cisco has released the first fixes for the IOS XE zero-day vulnerability, tracked as CVE-2023-20198, which attackers exploited to deliver a malicious implant. The fixes were recently made available, but several cybersecurity companies and organizations observed a significant decrease in the number of Internet-facing Cisco devices infected with the implant. Several theories have been proposed regarding the cause of this change, but the real reason remains unclear.

Submitted by grigby1 CPVI on

"Low-Power Hardware Accelerator Offers Outsize Security"

A research team in the US has developed a novel hardware accelerator prototype for edge devices that can encrypt cloud-sent and -received messages with 1,000 to 6,000 times the energy efficiency of a standard RISC-V processor. Their proposed method is called RISE. Smartphones, Internet of Things (IoT) sensors, wearable devices, and other edge devices typically have limited computational capabilities and memory, requiring frequent data transmission to the cloud for processing. However, the data exchange between edge devices and the cloud poses security and privacy risks.

Submitted by grigby1 CPVI on

"Okta Breached Via Stolen Credential"

Identity and access management (IAM) specialist Okta has recently found itself on the receiving end of another security breach after a threat actor was able to access a stolen credential. Okta said an adversary used the credential to access its support case management system. The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases. The company noted that it should be known that the Okta support case management system is separate from the production Okta service, which is fully operational and has not been impacted.

Submitted by Adam Ekwall on

"Your Browser Extension Could Grab Your Password and Sensitive Info"

A team of digital security researchers at the University of Wisconsin-Madison discovered that some widely used websites are vulnerable to browser extensions capable of extracting sensitive information from HTML code, including passwords, credit card numbers, and social security numbers. About 15 percent of the more than 7,000 websites examined by the researchers retain sensitive information as plain text in their HTML source code.

Submitted by grigby1 CPVI on